Anti-Malware , Data Breach Prevention and Response Summit , Events

Malware Activity & Network Anomaly Detection
Malware Activity & Network Anomaly Detection

Session Preview:

See Also: Creating a User-Centric Authentication and Identity Platform for the Healthcare Industry

As the weapon is installed and begins to utilize mechanisms, such as remote access Trojans or backdoor channels to become resident, it will leave a trail of threat indicators. Certain malware focused anomaly detection solutions can recognize these indicators helping to facilitate a response, while mechanisms such as Application Whitelisting could prevent the malware from running in the first place. We will discuss both in this session. Should such mechanisms fail, the weapon attempts to establish command and control communications, as it does so it will produce valuable network - level threat indicators facilitating its detection and appropriate response. Technologies such as advanced SIEM solutions are critical to collate and correlate such indicators to assist in the creation of actionable intelligence.

Around the Network